Legal claims defining the scope of protection, as filed with the USPTO.
1. A method of analyzing a behavior-based security system of a mobile device, comprising: generating by a processor artificial attack software configured to simulate a non-benign behavior in the mobile device; sending the generated artificial attack software to the mobile device so as to simulate the non-benign behavior in the mobile device; receiving behavior information from the mobile device in response to sending the generated artificial attack software to the mobile device; generating a behavior vector based on the received behavior information; applying the generated behavior vector to a classifier model to generate a result; using the generated result to determine whether the behavior-based security system of the mobile device responded adequately to the simulated non-benign behavior; and sending a dead-man signal to the mobile device in response to determining that the behavior-based security system of the mobile device did not respond adequately to the simulated non-benign behavior.
2. The method of claim 1 , further comprising setting a timer by the processor, wherein determining whether the behavior-based security system of the mobile device responded adequately to the simulated non-benign behavior comprises determining whether a response was received from the mobile device before expiration of the timer.
3. The method of claim 1 , further comprising sending a system-ok signal to the mobile device in response to determining that the behavior-based security system of the mobile device responded adequately to the simulated non-benign behavior.
4. The method of claim 1 , wherein sending the dead-man signal to the mobile device comprises sending a communication message that includes information suitable for causing the mobile device to perform dead-man operations.
5. The method of claim 1 , wherein generating the artificial attack software comprises: receiving a corpus of behavior information from many mobile devices; analyzing the corpus of behavior information to identify the non-benign behavior; and generating the artificial attack software to include information suitable for causing a mobile device processor of the mobile device to perform the identified non-benign behavior.
6. The method of claim 1 , wherein generating the artificial attack software comprises generating the artificial attack software to include information suitable for causing a mobile device processor of the mobile device to perform operations associated with a known cyber attack.
7. The method of claim 1 , further comprising: receiving the artificial attack software in a mobile device processor of the mobile device; installing the received artificial attack software in the mobile device; monitoring operations of the behavior-based security system to collect behavior information; and sending collected behavior information to the processor.
8. The method of claim 7 , further comprising: setting by the mobile device processor a timer in response to sending the collected behavior information; and performing by the mobile device processor dead-man operations in response to determining that a system-ok signal has not been received by the mobile device and that the timer has expired.
9. The method of claim 1 , wherein the simulated non-benign behavior includes simulated behaviors of a near-field communication (NFC) transaction, and wherein the dead-man signal includes information suitable for causing the mobile device to prevent completion of an near field communication (NFC) transaction.
10. A computing device, comprising: a processor configured with processor-executable instructions to perform operations comprising: generating artificial attack software configured to simulate a non-benign behavior in a mobile device; sending the generated artificial attack software to the mobile device so as to simulate the non-benign behavior in the mobile device; receiving behavior information from the mobile device in response to sending the generated artificial attack software to the mobile device; generating a behavior vector based on the received behavior information; applying the generated behavior vector to a classifier model to generate a result; using the generated result to determine whether a behavior-based security system of the mobile device responded adequately to the simulated non-benign behavior; and sending a dead-man signal to the mobile device in response to determining that the behavior-based security system of the mobile device did not respond adequately to the simulated non-benign behavior.
11. The computing device of claim 10 , wherein: the processor is configured with processor-executable instructions to perform operations further comprising setting a timer by the processor, and the processor is configured with processor-executable instructions to perform operations such that determining whether the behavior-based security system of the mobile device responded adequately to the simulated non-benign behavior comprises determining whether a response was received from the mobile device before expiration of the timer.
12. The computing device of claim 10 , wherein the processor is configured with processor-executable instructions to perform operations further comprising sending a system-ok signal to the mobile device in response to determining that the behavior-based security system of the mobile device responded adequately to the simulated non-benign behavior.
13. The computing device of claim 10 , wherein the processor is configured with processor-executable instructions to perform operations such that sending the dead-man signal to the mobile device comprises sending a communication message that includes information suitable for causing the mobile device to perform dead-man operations.
14. The computing device of claim 10 , wherein the processor is configured with processor-executable instructions to perform operations such that generating artificial attack software comprises: receiving a corpus of behavior information from many mobile devices; analyzing the corpus of behavior information to identify the non-benign behavior; and generating artificial attack software to include information suitable for causing a mobile device processor of the mobile device to perform the identified non-benign behavior.
15. The computing device of claim 10 , wherein the processor is configured with processor-executable instructions to perform operations such that generating artificial attack software comprises generating artificial attack software to include information suitable for causing a mobile device processor of the mobile device to perform operations associated with a known cyber attack.
16. A non-transitory computer readable storage medium having stored thereon processor-executable software instructions configured to cause a processor to perform operations for analyzing a behavior-based security system of a mobile device, the operations comprising: generating artificial attack software configured to simulate a non-benign behavior in the mobile device; sending the generated artificial attack software to the mobile device so as to simulate the non-benign behavior in the mobile device; receiving behavior information from the mobile device in response to sending the generated artificial attack software to the mobile device; generating a behavior vector based on the received behavior information; applying the generated behavior vector to a classifier model to generate a result; using the generated result to determine whether the behavior-based security system of the mobile device responded adequately to the simulated non-benign behavior; and sending a dead-man signal to the mobile device in response to determining that the behavior-based security system of the mobile device did not respond adequately to the simulated non-benign behavior.
17. The non-transitory computer readable storage medium of claim 16 , wherein the stored processor-executable software instructions are configured to cause a processor to perform operations further comprising setting a timer by the processor, wherein determining whether the behavior-based security system of the mobile device responded adequately to the simulated non- benign behavior comprises determining whether a response was received from the mobile device before expiration of the timer.
18. The non-transitory computer readable storage medium of claim 16 , wherein the stored processor-executable software instructions are configured to cause a processor to perform operations further comprising sending a system-ok signal to the mobile device in response to determining that the behavior-based security system of the mobile device responded adequately to the simulated non-benign behavior.
19. The non-transitory computer readable storage medium of claim 16 , wherein the stored processor-executable software instructions are configured to cause a processor to perform operations such that sending the dead-man signal to the mobile device comprises sending a communication message that includes information suitable for causing the mobile device to perform dead-man operations.
20. The non-transitory computer readable storage medium of claim 16 , wherein the stored processor-executable software instructions are configured to cause a processor to perform operations such that generating artificial attack software comprises: receiving a corpus of behavior information from many mobile devices; analyzing the corpus of behavior information to identify the non-benign behavior; and generating artificial attack software to include information suitable for causing a mobile device processor of the mobile device to perform the identified non-benign behavior.
21. The non-transitory computer readable storage medium of claim 16 , wherein the stored processor-executable software instructions are configured to cause a processor to perform operations such that generating artificial attack software comprises generating artificial attack software to include information suitable for causing a mobile device processor of the mobile device to perform operations associated with a known cyber attack.
22. A computing device, comprising: means for generating artificial attack software configured to simulate a non-benign behavior in a mobile device; means for sending the generated artificial attack software to the mobile device so as to simulate the non-benign behavior in the mobile device; means for receiving behavior information from the mobile device in response to sending the generated artificial attack software to the mobile device; means for generating a behavior vector based on the received behavior information; means for applying the generated behavior vector to a classifier model to generate a result; means for using the generated result to determine whether a behavior-based security system of the mobile device responded adequately to the simulated non-benign behavior; and means for sending a dead-man signal to the mobile device in response to determining that the behavior-based security system of the mobile device did not respond adequately to the simulated non-benign behavior.
23. The computing device of claim 22 , further comprising means for setting a timer, wherein means for determining whether the behavior-based security system of the mobile device responded adequately to the simulated non-benign behavior comprises means for determining whether a response was received from the mobile device before expiration of the timer.
24. The computing device of claim 22 , further comprising means for sending a system-ok signal to the mobile device in response to determining that the behavior-based security system of the mobile device responded adequately to the simulated non-benign behavior.
25. The computing device of claim 22 , wherein means for sending the dead-man signal to the mobile device comprises sending a communication message that includes information suitable for causing the mobile device to perform dead-man operations.
26. The computing device of claim 22 , wherein means for generating artificial attack software comprises: means for receiving a corpus of behavior information from many mobile devices; means for analyzing the corpus of behavior information to identify the non-benign behavior; and means for generating artificial attack software to include information suitable for causing a mobile device processor of the mobile device to perform the identified non-benign behavior.
Unknown
May 31, 2016
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.